August 11, 2021

Zero-Trust Remote Work

Zach Harkleroad

Introduction

This past year has shifted companies' views of a remote workforce. A recent Harvard study found that 40 percent of workers who switched to remote work during the pandemic will remain remote afterward [1]. With this dramatic change in how we work, vulnerabilities in current security practices are being exploited.

With the increased use of public cloud infrastructure, mobile devices and web-based applications, current security models are becoming obsolete. Relying on network firewalls and virtual private networks (VPNs) to manage access and isolate organizational resources is no longer compatible with today's mobile workforce. One solution is to move organizations away from these managed networks and migrate to a web-based Zero-Trust security model.

What is Zero-Trust?

Traditional security models assume that if you have access to internal resources, you can be trusted. Organizations often ignore internal networks and build up a perimeter around their external-facing infrastructure. Zero-Trust addresses this by building a security posture of never trusting and always verifying. In a Zero-Trust environment, all requests from a device, microservice, application or API must be authenticated and authorized each time. Zero-Trust places the responsibility of security on the user or service, which allows AI to manage threats with little or no human intervention. By validating requests at each hop a user or service takes throughout an organization's infrastructure, we are able to monitor and act on security abnormalities in real time.

Core Concepts of Zero-Trust

Implementing Zero-Trust across your organization requires buy-in from technical teams and management. Below are a few concepts to consider when implementing Zero-Trust in your organization.

User Identity

Require Multi-Factor Authentication (MFA) for all users and guests. Phone-based factors (call, SMS) are the most common form of MFA. As we migrate towards a passwordless future, MFA applications like Microsoft® Authenticator are becoming widely adopted.

Device Health and Identity

Provide employees with a secure way to work. Deploy Mobile Device Management (MDM) services that continuously monitor device health (updates, antivirus, etc.) and the identity of the device or endpoint.

Segmentation

Limit access to only the applications, services, and infrastructure required to perform the job function. Segment customer data from others.

Data Classification

Data should be classified, labeled and encrypted.

Threat Management

Use AI-enabled threat management and detection services to flag and mitigate risky behavior.
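
The following Python example is added here for illustration and is not code from the original post or from Imagined.Cloud's products. It evaluates a single request against the concepts above on every call, with no input for network location. The field names, the 0.7 risk threshold, the fail-closed handling of unlabeled resources, and the sample users and resources are assumptions constructed for the example.

```python
from __future__ import annotations
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    user: str
    resource: str
    mfa_verified: bool      # User Identity
    device_managed: bool    # Device Health and Identity: enrolled in MDM
    device_compliant: bool  # updates and antivirus current, as reported by MDM
    risk_score: float       # Threat Management: 0.0 (benign) to 1.0 (risky)

# Constructed sample policy: per-user grants and per-resource labels.
GRANTS = {"alice": {"payroll-api"}, "bob": {"wiki"}}
LABELS = {"payroll-api": "confidential", "wiki": "internal"}
MAX_RISK = 0.7  # assumed threshold for the detection service's score

def authorize(req: Request) -> tuple[bool, list[str]]:
    """Decide one request. Network location is deliberately not an input."""
    reasons = []
    if not req.mfa_verified:
        reasons.append("mfa_required")
    if not (req.device_managed and req.device_compliant):
        reasons.append("device_unhealthy")
    if req.resource not in GRANTS.get(req.user, set()):
        reasons.append("outside_segment")        # Segmentation
    if req.resource not in LABELS:
        reasons.append("unclassified_resource")  # Data Classification: fail closed
    if req.risk_score > MAX_RISK:
        reasons.append("risk_too_high")
    return (not reasons, reasons)

if __name__ == "__main__":
    samples = [
        Request("alice", "payroll-api", True, True, True, 0.1),
        Request("alice", "payroll-api", True, True, False, 0.1),  # device drifted
        Request("bob", "payroll-api", True, True, True, 0.9),     # wrong segment, risky
    ]
    for r in samples:
        print(r.user, r.resource, authorize(r))
```

Returning every failed check, not only the first, gives monitoring the full picture of why a request was denied.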

Imagined.Cloud's Zero-Trust Ready Solution

With the demands of the remote workforce growing, it is becoming increasingly difficult to integrate legacy products into a Zero-Trust security model. Choosing a platform or product that works with modern threat management and authentication is essential to staying secure with today's workforce. All of Imagined.Cloud's products have been developed with Zero-Trust security principles and use the latest in Azure services.

For more information about Imagined.Cloud and our commitment to security in this remote world, contact us.

References

[1] Harvard Business School, “What Jobs are Being Done at Home During the COVID-19 Crisis? Evidence from Firm-Level Surveys”, Working Paper 20-138, July 2021.
